npm - @hackthedev/dsync-ratelimit - Versions diffs - 1.0.1 - Mend

@hackthedev/dsync-ratelimit 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/.gitattributes ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ # Auto detect text files and perform LF normalization
2	+ * text=auto

package/README.md ADDED Viewed

@@ -0,0 +1,103 @@
+# dSyncRateLimit
+This small library is part of the dSync concept and will handle rate limits by either defining and using custom, generic rate limits or by using an express middleware to enforce rate limits.
+------
+## Basics
+```js
+import dSyncRateLimit from "@hackthedev/dsync-ratelimit";
+const rateLimiter = new dSyncRateLimit({
+    getIpLimit: async (req) => {
+        if (!req.user) return 20;
+        if (req.user.plan === "pro") return 200;
+        return 50;
+    },
+    getTotalLimit: async () => 100,
+    getBlockUntil: async (req) => {
+        if (req.path === "/login") {
+            return new Date(Date.now() + 60_000);
+        }
+        return null;
+    }
+});
+```
+------
+## Example express endpoint
+The following example code is just an example and meant to showcase how the rate limit middleware can be used.
+```js
+app.post(
+    "/login",
+    rateLimiter.middleware({
+        getIpLimit: async () => 5,
+        getTotalLimit: async () => 20,
+        getBlockUntil: async () => new Date(Date.now() + 5 * 60_000)
+    }),
+    async (req, res) => {
+        // whatever you wanna do in this endpoint
+    }
+);
+```
+------
+## Manual rate limiting
+By using `rateLimiter.check()`
+```js
+io.on("connection", (socket) => {
+    socket.on("message", (msg) => {
+        const r = rateLimiter.check(`message/${socket.handshake.address}`,20);
+        if (!r.ok) {
+            socket.emit("error", "rate_limited");
+            return;
+        }
+        handleMessage(msg);
+    });
+});
+```
+### With total check
+```js
+io.on("connection", (socket) => {
+    socket.on("message", (msg) => {
+        const rUser = rateLimiter.check(`message/${socket.handshake.address}`,20);
+        const rTotal = rateLimiter.check(`message/total`,200);
+        if (!rUser.ok || !rTotal.ok) {
+            socket.emit("error", "rate_limited");
+            return;
+        }
+        handleMessage(msg);
+    });
+});
+```

package/bun.lock ADDED Viewed

@@ -0,0 +1,18 @@
+{
+  "lockfileVersion": 1,
+  "configVersion": 0,
+  "workspaces": {
+    "": {
+      "name": "@hackthedev/dsync-ratelimit",
+      "dependencies": {
+        "@hackthedev/arraytools": "^1.0.1",
+        "@hackthedev/dsync-ipsec": "^1.0.1",
+      },
+    },
+  },
+  "packages": {
+    "@hackthedev/arraytools": ["@hackthedev/arraytools@1.0.1", "", {}, "sha512-1XHKuqr0sNFUxYddX5G9HQdqtTmAAj7dAtEpqp9cFe+mGGkVjD8ce6/wIFLp0X+UlAMC8plIwePPN5klis64rA=="],
+    "@hackthedev/dsync-ipsec": ["@hackthedev/dsync-ipsec@1.0.1", "", {}, "sha512-KkmckbsyXY/CXnB0Ygh+GsXEKC//3/5ihJANPd9Nd9xmd6kr/lShS3K41ExpdgbTSIroK6RpbPqPGGCqjPWBBg=="],
+  }
+}

package/index.mjs ADDED Viewed

@@ -0,0 +1,85 @@
+import dSyncIPSec from '@hackthedev/dsync-ipsec';
+export default class dSyncRateLimit {
+    constructor({
+                    windowMs = 10_000,
+                    trustProxy = true,
+                    getIpLimit = async () => Infinity,
+                    getTotalLimit = async () => Infinity,
+                    getBlockUntil = async () => null
+                } = {}) {
+        this.ipsec = new dSyncIPSec();
+        this.windowMs = windowMs;
+        this.trustProxy = trustProxy;
+        this.getIpLimit = getIpLimit;
+        this.getTotalLimit = getTotalLimit;
+        this.getBlockUntil = getBlockUntil;
+        this.store = new Map();
+    }
+    now() {
+        return Date.now();
+    }
+    check(key, limit, blockUntilDate = null) {
+        const now = Date.now();
+        let rec = this.store.get(key);
+        if (!rec || now >= rec.resetAt) {
+            rec = {
+                count: 0,
+                resetAt: now + this.windowMs,
+                blockedUntil: 0
+            };
+            this.store.set(key, rec);
+        }
+        if (rec.blockedUntil && now < rec.blockedUntil) {
+            return { ok: false, blocked: true, blockedUntil: rec.blockedUntil };
+        }
+        rec.count++;
+        if (rec.count > limit && blockUntilDate instanceof Date) {
+            rec.blockedUntil = blockUntilDate.getTime();
+        }
+        return {
+            ok: rec.count <= limit,
+            remaining: Math.max(0, limit - rec.count),
+            resetAt: rec.resetAt
+        };
+    }
+    middleware(overrides = {}) {
+        return async (req, res, next) => {
+            const getIpLimit = overrides.getIpLimit || this.getIpLimit;
+            const getTotalLimit = overrides.getTotalLimit || this.getTotalLimit;
+            const getBlockUntil = overrides.getBlockUntil || this.getBlockUntil;
+            const ip = this.ipsec.getClientIp(req);
+            const sig = `${req.method} ${req.path}`;
+            const blockUntil = getBlockUntil ? await getBlockUntil(req) : null;
+            if (getIpLimit) {
+                if (!this.check(`ip:${ip}`, await getIpLimit(req), blockUntil).ok) {
+                    return res.sendStatus(429);
+                }
+            }
+            if (getTotalLimit) {
+                if (!this.check(`sig:${sig}`, await getTotalLimit(req), blockUntil).ok) {
+                    return res.sendStatus(429);
+                }
+            }
+            next();
+        };
+    }
+}

package/package.json ADDED Viewed

@@ -0,0 +1,23 @@
+{
+  "name": "@hackthedev/dsync-ratelimit",
+  "version": "1.0.1",
+  "description": "This small library is part of the dSync concept and will handle rate limits by either defining and using custom, generic rate limits or by using an express middleware to enforce rate limits.",
+  "homepage": "https://github.com/NETWORK-Z-Dev/dsync-ratelimit#readme",
+  "bugs": {
+    "url": "https://github.com/NETWORK-Z-Dev/dsync-ratelimit/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/NETWORK-Z-Dev/dsync-ratelimit.git"
+  },
+  "license": "ISC",
+  "author": "",
+  "main": "index.mjs",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "dependencies": {
+    "@hackthedev/arraytools": "^1.0.1",
+    "@hackthedev/dsync-ipsec": "^1.0.1"
+  }
+}